Raúl Redondo - Lares Labs

Raúl Redondo

From Threat to Test: Emulating Scattered Spider in Realistic Scenarios

From Threat to Test: Emulating Scattered Spider in Realistic Scenarios

At Lares, we specialize in threat simulation and adversarial collaboration with our clients, replicating the tactics, techniques, and procedures (TTPs) observed in the latest cybercriminal groups. By studying real-world incidents, like those perpetrated by Scattered Spider, we design controlled simulations to test organizational defenses, evaluate incident response readiness, and identify

Kerberos IV - Delegations

penetrationtesting

Kerberos IV - Delegations

In the third part of this Kerberos series, we focused on leveraging user credential material for impersonation through techniques such as Pass-the-Key/Ticket/Cache/Certificate, and Shadow Credentials. Additionally, we explored how to manage and forge Kerberos tickets to facilitate lateral movement, privilege escalation, and establish persistence within the domain.

Kerberos III - User Impersonation

penetrationtesting

Kerberos III - User Impersonation

The goal of this post, whether we are adversaries or defenders, is to help us understand the multiple ways that Kerberos offers to access resources using the credential material gathered.

Kerberos II - Credential Access

penetrationtesting

Kerberos II - Credential Access

In this part of the series, we will focus on Credential Access and the attacks that Kerberos can facilitate.

Kerberos I - Overview

penetrationtesting

Kerberos I - Overview

This post, is the first in the series and will aim to provide an overview of the protocol, from its beginnings to the different (ab)use techniques.

The Phantom Menace: Exposing hidden risks through ACLs in Active Directory

The Phantom Menace: Exposing hidden risks through ACLs in Active Directory

The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain.